Linux-Development-Sys Digest #777, Volume #7 Sun, 16 Apr 00 13:13:14 EDT
Contents:
Re: MS caught breaking web sites ("Boris")
Re: Put the lib into the libc? (was: Re: Simple but...) (William Burrow)
Re: To core or not to core - You tell me (Michael Rubenstein)
Re: MICROSOFT IT THRU! MICROSOFT IS THRU! ("Chad Myers")
.DLL not present in W2K, MICROSOFT GUILTY OF COVERUP! (Charlie Ebert)
Re: MICROSOFT IT THRU! MICROSOFT IS THRU! (Carl Fink)
Re: Building bzImage with 2.3.99-pre3 fails (Paul Kimoto)
Re: Q: is there a free secure network filesystem for Linux? (David Wragg)
Re: .DLL not present in W2K, MICROSOFT GUILTY OF COVERUP! ("Chad Myers")
----------------------------------------------------------------------------
From: "Boris" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.advocacy,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.linux.networking,comp.os.linux.security,comp.os.ms-windows.networking.tcp-ip,alt.conspiracy.area51
Subject: Re: MS caught breaking web sites
Date: Sun, 16 Apr 2000 04:20:52 -0700
Can you post your BS on linux newsgroups. That's were it belongs right. Just fuck off
NT
newsgroups you idiot.
Boris
"wisdom" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> WELL WELL WELL!
>
> For all of you butt-bumping suckbuddies of Mr. Bill who have
> been assuring us that there are no network "backdoors" in
> Windows you, along with your evil master, are fucked now.
>
> Microsoft just acknowledged (see attached CBS article) that they
> installed secret code in Windows to sabotage webservers
> by allowing "backdoor" unsecured logins for hackers. The
> code was apparently intended to be used against Netscape
> based on embedded comments in the file.
>
> Microsoft is blaming this on "rogue" programmers, whom
> they are promising to fire.(Now tell me the one about the easter bunny)
>
> The timing of this admission couldn't be better... Just when Judge
> Jackson
> is considering whether Microsoft deserves to be broken up, it turns out
> that
> their market dominance was aided by deliberate sabotage...Hmmmm
>
> Let's all hear a rousing chorus of "Breaking up is hard to do".
>
>
>
>
> Microsoft Acknowledges Hidden File
> Secret Message Was Aimed At Rival
> Manager Will Fire Those Responsible
> No Reports Of Hackers So Far
>
> NEW YORK
> (CBS) Microsoft Corp.
> engineers
> included a secret password in
>
> Internet software that could
> be
> used to gain illegal access
> to
> hundreds of thousands of Web
> sites, The Wall Street
> Journal
> reported Friday.
>
> The rogue computer code was
> discovered in a
> three-year-old
> piece of software by two security experts. Contained
> within the code
> is a derisive comment aimed at a Microsoft rival:
> "Netscape
> engineers are weenies!"
>
> Steve Lipner, who manages Microsoft's
> security-response center,
> described such a backdoor password as "absolutely
> against our
> policy" and a firing offense for the as-yet
> unidentified employees.
>
> There have been no reports of site access through
> the code, but the
> affected software is believed to be used by many Web
> sites.
>
> The file, called "dvwssr.dll" is installed on
> Microsoft's Internet-server
> software with Frontpage 98 extensions. By using the
> so-called
> backdoor, a hacker may be able to gain access to key
> Web site
> management files, which could in turn provide a road
> map to such
> things as customer credit card numbers, the Journal
> reported.
>
> One of the security experts, Russ Cooper, says the
> risk is bigger
> with commercial Internet hosting providers, which
> maintain
> thousands of Web sites for a slew of organizations.
>
> It was apparently programmed by a Microsoft employee
> when
> Netscape and Microsoft were at war over their
> version of an internet
> browser, according to the Journal. Eventually
> American Online Inc.
> acquired Netscape.
>
> The Journal reported that an engineer from Netscape
> called the
> hidden file a "classic engineer rivalry."
>
> Microsoft urged customers to delete the file and
> planned to warn
> customers with an e-mail bulletin and an advisory
> published on its
> corporate Web site.
>
> Copyright 2000 CBS Worldwide Inc. All Rights
> Reserved. This
> material may not be published, broadcast, rewritten,
> or
> redistributed. The Associated Press contributed to
> this report.
>
>
------------------------------
From: [EMAIL PROTECTED] (William Burrow)
Crossposted-To:
uk.comp.os.linux,uklinux.help.newbies,comp.os.linux.development,comp.os.linux.questions,comp.os.linux.development.apps
Subject: Re: Put the lib into the libc? (was: Re: Simple but...)
Date: 16 Apr 2000 12:03:39 GMT
Reply-To: [EMAIL PROTECTED]
On Sun, 16 Apr 2000 11:02:51 +0200,
Matthias Kleinmann <[EMAIL PROTECTED]> wrote:
>So it is stupid, if you have to change your libc for a small (but
>relevant) improvement in the libm, since this means AFAIK rebooting :((
I dunno, for some reason my Debian system went through a change of
libraries (glibc2.0 -> glibc2.1) without rebooting.
--
William Burrow -- New Brunswick, Canada o
Copyright 2000 William Burrow ~ /\
~ ()>()
------------------------------
From: Michael Rubenstein <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.c,comp.unix.solaris,comp.lang.c++,comp.unix.programmer
Subject: Re: To core or not to core - You tell me
Date: Sun, 16 Apr 2000 08:31:36 -0400
On Fri, 14 Apr 2000 23:27:07 +0100, Mark McIntyre
<[EMAIL PROTECTED]> wrote:
>On Fri, 14 Apr 2000 01:02:17 GMT, [EMAIL PROTECTED] (Kaz
>Kylheku) wrote:
>
>>On Fri, 14 Apr 2000 00:08:23 +0100, Mark McIntyre <[EMAIL PROTECTED]>
>>wrote:
>>>On Wed, 12 Apr 2000 15:33:17 -0700, Erik Max Francis <[EMAIL PROTECTED]>
>>>wrote:
>>>
>>>>Mark McIntyre wrote:
>>>>
>>>>> Agreed. I'm talking about NULL, the macro which 6.3.2.3 and 7.17 in
>>>>> the ANSI/ISO C standard defines as the null pointer constant.
>>>>
>>>>But you said "the bit pattern of NULL," which doesn't make sense,
>>>>because NULL is a macro. Macros don't have bit patterns.
>>>
>>>But the macro preprocesses out to a value. And that value is either an
>>>integer 0 or such an expression cast to a void*. This value is
>>>represented in memory by some bitpattern.
>>
>>Read my other posting about this. The value of an expression is not
>>necessarily represented in memory.
>
>Uhh, we had this discussion a few months back. No matter what,
>eventually it _has_ to be in memory somewhere, even if its only in a
>register. The processor cannot use it unless it exists somewhere...
I can't find this in the standard. Can you give a citation?
Consider the program:
#include <stdio.h>
int main(void)
{
int* x = NULL;
double* y = NULL;
return 0;
}
Suppose we have a machine on which the void* null pointer is
represented by the bit pattern 0xf0f0, the int* null pointer by
0x1010, and the double* null pointer by 0x2020. This program
could be translated to simply store the bit pattern 0x1010 in x
and 0x2020 in y. Which of these is the representation of the
null pointer constant?
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.advocacy,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.linux.networking,comp.os.linux.security,comp.os.ms-windows.networking.tcp-ip,alt.conspiracy.area51
Subject: Re: MICROSOFT IT THRU! MICROSOFT IS THRU!
Date: Sun, 16 Apr 2000 14:39:17 GMT
"Charlie Ebert" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Chad Myers wrote:
> > "Charlie Ebert" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> >
> > > Dear Chad.
> > >
> > > Microsoft is asking everybody to delete that .dll.
> > > They wouldn't ask us to delete the .dll if it weren't a threat.
> >
> > Because people are too stupid to set their permissions correctly.
> permissions for you NT people are like what you have to do in Linux.
> You know, Linux. That cruddy operating system which let's you do things.
NT lets you, and in fact encourages you to set permissions. What the hell
are you talking about? Or are you just ignorantly blathering again?
> Well, your not supposed to have to do that to NT as they were supposed
> to set your operating system up right folks and NOT include any .dll's
> with passwords like netscapeengineersareweenies....
Hey Charlie, do you even know the facts? Here, let's have a review:
1.) There is no backdoor password
2.) That dll only has one error: a buffer overrun which was found after WSJ
started this whole hype trip (that you fell for hook, line and sinker)
3.) However, it was found that if you do not set permissions correctly for
web publishing, it's POSSIBLE (although not likely) that someone could
read files from another user's account. Note that this has NOTHING to
do with that DLL files, this is just Permissioning 101.
> > Not to mention that there is a buffer overrun that was discovered (which has
> > nothing to do with this false 'backdoor' urban legend) and since this DLL
> > is pretty much depricated, MS is just advising to delete it for precaution.
>
> Depreciated = Netscape is out of business.
What? <sigh> That DLL has nothing to do with Netscape. That DLL was used to
facilitate using Visual InterDev 1.0's LinkView functionality. Since VID 1.0 is
depricated (because VID 6.0 is out) there is no use for the DLL anyhow.
It has nothing to do with Netscape, moron.
> > If MS were interested in backdooring your system, why would they tell you
> > to delete it?
> >
>
> Perhaps the entire world knows about it now Chad?
Knows what? That there is no backdoor. Perhaps you should get a clue like the
rest of us?
THERE IS NO BACKDOOR OR SECRET PASSWORD.
-Chad
------------------------------
From: Charlie Ebert <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Crossposted-To:
comp.os.linux.advocacy,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.linux.networking,comp.os.linux.security,comp.os.ms-windows.networking.tcp-ip
Subject: .DLL not present in W2K, MICROSOFT GUILTY OF COVERUP!
Date: Sun, 16 Apr 2000 15:40:02 GMT
Since the .dll in question was not found in Windows 2000 release, then Microsoft
was
aware of .dll and took it out of release. Appearently Microsoft just FORGOT to
warn us and the rest of the world about their ILLEGAL BACKDOOR.
This makes them guilty of a consipiracy against Netscape Corporation as
well as guilty of de-frauding everybody who ran a Netscape server in those
day's as some Microsoft Troll was hacking into their site and dropping
their server every chance he got!
This can leave only ONE alternative for the Judge and that would be to
break up Microsoft into very small peices.
So, my original marketing estimates, given Linux growth will have to be moved up!
2006 was OUTSIDE estimate for Microsoft's survival as an OS company.
That was OUTSIDE given Linux's tremendous growth the last 3 years, the
fact that 50% of all servers sold in 1999 had Linux installed on them.
If Microsoft is broken up I'm going to move their OS companies demise up
by 2 years to 2004.
The reason for this is the Back Office people's decision to come out with a
distribution of their own to compete with Coral.
And the Database and development tools company will want to do the same
to compete with Borland.
It only makes sense that the other former Microsoft companies will want
to compete with the rest of the human race and come in out of the cave
they've been hiding in.
Boy! What a great WINDFALL for the Linux community!
Bill Gates and Microsoft CAUGHT in crimes against the WORLD again!
Of course, even if they were honest, Linux sales would have forced Bill Gates
into a decision to continue on with his OS effort at the 2006 point.
Linux has ALREADY done serious damage to his marketing efforts for the first
quarter of 2000, Linux is actually ahead of Microsoft in market share due to
the release of W2K.
This on top of the fact there is no dual path OS structure anymore of a 95 or 98
and
an NT. Bill Gates relealizes he's in for the fight of his life now in a futile
attempt
to defeat an operating system backed by NO-business he can grasp!
Linux is a ghost which he can't defeat. A free source OS which can litterally
be downloaded over the internet as with Mandrake 7.0 and installed with a graphical
installer
as it's downloading! OR a boxed OS for well under $100.
I've actually run a copy of Applix now I've had for 5 years. I've never been able
to make
a Microsoft product survive over 5 years as with every new operating system they
seem
to FORCE you to re-buy everything. Nothing works quite right anymore or is missing
the features it needs to enjoy the new OS.
But in the 5 years I've had Applix, I've never had to replace it during the 5
upgrades I've done to
the OS. Every new version is totally upward compatible with my old software.
And you know the BUGS reported in Linux are fixed much more quickly than with
Microsoft
as we get bug patches almost daily available to the public. I'm not waiting 6
months for some
service pack or 4 years for the next Microsoft OS to come out!
Just a whole different world in the Linux community where things actually work
right
and have the security fixes applied in reasonable time, and yet see no
"NETSCAPEENGINEERSAREWEENIES" in my code or have any extraneous, NON-REPORTED
.dll's to remove from my system which cause serious security leaks.
By the way, have I told you the KDE desktop just smokes any Microsoft desktop.
Why can't Microsoft provide it's users with 8 seperate desktops to store all their
opened applications.
Why minimize then maximize to go back and forth all the time? Did you know I can
just take my mouse
and convert those 8 seperate desktops into one BIG OPEN RANGE one which my mouse is
my horse
and I can go expore the OPEN RANGE! HA HA!
So Linux was the first to come out with the HORSE!
I don't know why people tolerate the security leaks in Microsoft nor the bugs in
Microsoft,
nor the lack of thought which went into Windows 2000. It's inferior.
There is truely NOTHING you can do better on W2K over a copy of Mandrake 7.0.
Or for that matter Suse 6.4, or Caldera 2.X ,or Redhat 6.2, or Debian 2.2, or
Slackware 7.0, or, or ,or ,or ,or.......
Your not just STUCK with one form of distribution and ONE form of support in my
world either!
Why people stick with Microsoft is strange to me. I left completely about 2 years
ago.
About when 98 came out. Never looked back. I have everything here I had back on a
Microsoft OS plus
MUCH MUCH MORE I never knew existed.
I want everybody who's reading this in a windows COMP advocay list to go them a box
of
Mandrake 7.0 or Suse 6.4 and load it on thier machines this week.
Do that. End your slavery!
Charlie
------------------------------
From: [EMAIL PROTECTED] (Carl Fink)
Crossposted-To:
comp.os.linux.advocacy,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.linux.networking,comp.os.linux.security,comp.os.ms-windows.networking.tcp-ip,alt.conspiracy.area51
Subject: Re: MICROSOFT IT THRU! MICROSOFT IS THRU!
Date: 16 Apr 2000 16:07:20 GMT
Reply-To: [EMAIL PROTECTED]
This is *way* too crossposted. Please do as I'm doing and set your
followups to comp.os.linux.advocacy only.
Thank you.
("IT"?)
--
Carl Fink [EMAIL PROTECTED]
Manager, Dueling Modems Computer Forum
<http://dm.net>
------------------------------
From: [EMAIL PROTECTED] (Paul Kimoto)
Subject: Re: Building bzImage with 2.3.99-pre3 fails
Date: 16 Apr 2000 12:24:11 -0500
Reply-To: [EMAIL PROTECTED]
In article <8dc5od$6jj$[EMAIL PROTECTED]>, Uli Joergens wrote:
> "Paul Kimoto" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
> news:[EMAIL PROTECTED]...
>> In article <8d7p7j$pab$[EMAIL PROTECTED]>, Uli Joergens wrote:
> gcc -E -D__KERNEL__ -I/usr/src/linux/include -D__BIG_KERNEL__ -traditional -
>>> DSVGA_MODE=NORMAL_VGA bootsect.S -o bbootsect.s
>>> as -o bbootsect.o bbootsect.s
>>> bbootsect.s: Assembler messages:
>>> bbootsect.s:735: Error: base/index register must be 32 bit register
>> Which binutils version do you have?
> I'm using SuSE 6.3 with binutils 2.9.1.0.20-0.
>
> Is there anything newer proposed?
You might need 2.9.5.*. I'm using 2.9.5.0.31(-3) on Debian (frozen).
--
Paul Kimoto <[EMAIL PROTECTED]>
------------------------------
From: David Wragg <[EMAIL PROTECTED]>
Subject: Re: Q: is there a free secure network filesystem for Linux?
Date: 16 Apr 2000 16:27:01 +0000
[EMAIL PROTECTED] writes:
> Mario Klebsch <[EMAIL PROTECTED]> wrote:
> [snip]
> : AFAIK, this is one of the main benefits of secure NFS. It is no longer
> : required to trust the kernel on the client side. However, I never used
> : secure NFS when I worked with Solaris systems, since I did trust my
> : clients.
>
> Great, but only if you have Solaris everywhere ...
The NFSv4 for Linux project
(<http://www.citi.umich.edu/projects/nfsv4/>) intend to tackle Secure
NFS in the future.
That project is sponsored by Sun, and Sun have recently released their
RPC code, including the Secure RPC stuff (but see below), under a
BSD-like license. It should be straightforward to integrate that code
into, say, glibc, to get Secure RPC on Linux. This would be a step
towards Secure NFS, but only a small step, because re-implementing it
as kernel code is easier said than done.
The TI/RPC code released by Sun seems to be pretty complete, with the
exception of the GSSAPI mechanism for Kerberos, which is dissapointing
since it is in Solaris 8. Secure NFS but without Kerberos support
would make it less interesting here.
David Wragg
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.advocacy,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.linux.networking,comp.os.linux.security,comp.os.ms-windows.networking.tcp-ip
Subject: Re: .DLL not present in W2K, MICROSOFT GUILTY OF COVERUP!
Date: Sun, 16 Apr 2000 16:50:53 GMT
"Charlie Ebert" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Since the .dll in question was not found in Windows 2000 release, then
Microsoft
> was
> aware of .dll and took it out of release. Appearently Microsoft just FORGOT
to
> warn us and the rest of the world about their ILLEGAL BACKDOOR.
Charlie, it's one thing to be an idiot, but a completely different thing to
outright
blatantly lie.
How many times do I have to say this? THERE IS NO BACKDOOR! It's been proven and
verified by many sources. Why can't you accept the facts?
> This makes them guilty of a consipiracy against Netscape Corporation as
How was it a conspiracy against netscape?
[SNIP More ignorant babble and flat out lies and falsehoods]
-Chad
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.development.system) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Development-System Digest
******************************
